Audio experts Bose (opens in new tab) suffered a ransomware (opens in new tab) attack earlier this year in March, according to an incident notification letter sent to New Hampshire's Office of the Attorney General, by a counsel on behalf of the company.
In the letter, accessed and shared by BleepingComputer, the counsel notes that during investigation of the cyber-incident, the company discovered that data related to six former employees was “accessed and potentially exfiltrated.”
Although the letter doesn’t mention the ransomware that was deployed, or the ransom demanded, it does refer to the incident as a sophisticated attack.
We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.
>> Click here to start the survey in a new window (opens in new tab)<<
- Shield yourself with these best identity theft protection services (opens in new tab)
- Check our list of the best firewall apps and services (opens in new tab)
- These are the best endpoint protection tools (opens in new tab)
"We did not make any ransom payment," Bose Media Relations Director, Joanne Berthiaume told BleepingComputer, adding that "we recovered and secured our systems quickly with the support of third-party cybersecurity (opens in new tab) experts."
The counsel notes that the company engaged external cybersecurity experts to help the company investigate the incident.
Again without going into details, the letter notes that Bose first worked to regain control over its systems, before working with its own forensics experts to determine the data that was accessed during the attack.
Late in April, 2021, the company was able to determine that the attackers only got their hands on the human resource files of a half dozen former employees, including their name, social security numbers, and compensation-related information.
The company alerted these employees and claims to have even offered a yearly subscription to an identity protection service for free. Furthermore, it has retained experts to keep their eyes peeled for any signs of the leaked data surfacing on the dark web.
Strangely, the letter mentions that Bose “has been working with the US Federal Bureau of Investigation” but once again fails to mention in what capacity and to what end.
While Bose’ response to the incident is commendable, its extent feels at odds with the reported details of the attack.
In light of the recent ransomware attacks on Colonial Pipeline (opens in new tab) and on AXA (opens in new tab), both of whom had to pay hefty ransoms to regain control of their network, we’re sure the cybersecurity community would appreciate if Bose would share more details about the ransomware variant that hit them and how it managed to cleanse it off its machines.
- Protect your devices with these best antivirus software (opens in new tab)
Via BleepingComputer (opens in new tab)